Database Info

security concerns migrating from iOs to Android

As title suggests, coming from a so called "clean" iOS environment to Android, my main concern how susceptible is my data to being stolen. I have no (current) plans to root my next phone and will be used mainly from business, but from what I have read in the past even google play store apps have been to known to have malicious content. Am I worrying too much ? I do carry sensitive work data on my iPhone.

applefag said:
As title suggests, coming from a so called "clean" iOS environment to Android, my main concern how susceptible is my data to being stolen. I have no (current) plans to root my next phone and will be used mainly from business, but from what I have read in the past even google play store apps have been to known to have malicious content. Am I worrying too much ? I do carry sensitive work data on my iPhone.
Click to expand...
Click to collapse
As long as the apps you install are from known sources (i.e. Play Store) you don't need to worry. Also every time you download an app check the permissions. If you think that the app shouldn't have those permissions then don't download it. Finally for safety reasons never install any apps from unknown sources (i.e. outside of Play Store) unless you trust the developer.
If you still find yourself worrying read this.

applefag said:
Am I worrying too much ?
Click to expand...
Click to collapse
Yep
I think you won't install any app outside Google Play so install apps that you know and you won't need to worry. FYI http://en.wikipedia.org/wiki/Security-Enhanced_Linux
kalpetros said:
Also every time you download an app check the permissions. If you think that the app shouldn't have those permissions then don't download it.
Click to expand...
Click to collapse
Well only if you are sure. Sometimes apps need permissions that aren't justified for some people.

for the open nature of the android ecosystem, it is somewhat normal that you will have to be careful though there are several different techniques, i use this the most.
Root your phone, install xposed framework and install xprivacy. here is a review of what it does http://www.xda-developers.com/android/manage-individual-app-permissions-with-xprivacy/ . I know the installation pprocess may seem daunting, but it is easier than you think this module wil allow you to block apps of certain permission. IE. you can block location service for all the apps on your phone so that no app can get your location. There are bunch of other permissions that you can block like access to contact, gallery etc
My question to others is : Is antivirus application on android worth it? I mean can it protect me from real time attaks and malwares??

SaffatBokul said:
My question to others is : Is antivirus application on android worth it? I mean can it protect me from real time attaks and malwares??
Click to expand...
Click to collapse
Not useful IMO. FYI I remember this article.

User sensibility is your best defense. Don't install apps not from the market. Only install apps with a lot of positive comments.
I would advise again rooting your phone. It's true that there are ways to block apps from accessing your private data on a rooted phone, but the additional vulnerability from unlocking your bootloader and rooting is not worth it. Just stick to apps from major developers.

snapper.fishes said:
User sensibility is your best defense. Don't install apps not from the market. Only install apps with a lot of positive comments.
I would advise again rooting your phone. It's true that there are ways to block apps from accessing your private data on a rooted phone, but the additional vulnerability from unlocking your bootloader and rooting is not worth it. Just stick to apps from major developers.
Click to expand...
Click to collapse
I agree, rooting your phone comprimises your security even if you do it to install security apps.

Primokorn said:
Yep
I think you won't install any app outside Google Play so install apps that you know and you won't need to worry.
Click to expand...
Click to collapse
Unfortunately, new apps in Google Play are rarely verified by Google staff, so there is still always a possibility of trojan or other malware.

A working package disabler?

Anyone managed to find a working safe package disabler? I feel all this bloatware is whats really killing my battery even tho I disabled &got rid of what I could. And even turned off the features I wouldn't be using that constantly drain. But I think the processes are still running for example the fingerprint process which I refuse to even use. I'd love to root but I think the tmobile s7 has been done yet.

Package Disabler Pro $2 in playstore

http://forum.xda-developers.com/android/software/debloater-remove-carrier-bloat-t2998294
Free.

sbdadmak said:
http://forum.xda-developers.com/android/software/debloater-remove-carrier-bloat-t2998294
Free.
Click to expand...
Click to collapse
That one requires root though.

0dBu said:
That one requires root though.
Click to expand...
Click to collapse
It works without root, it just doesn't remove them and instead only disables.

The built in one (under applications, DIsable) works fine and uninstalls all the updates so you regain any memory you've lost. I've disabled several including Lookout and and T-Mobile NameID and TV.

AndroiderM said:
Package Disabler Pro $2 in playstore
Click to expand...
Click to collapse
It got taken down at this time

nest75068 said:
It got taken down at this time
Click to expand...
Click to collapse
Look again.
https://play.google.com/store/apps/details?id=com.ospolice.packagedisablerpro&hl=en

mknewman said:
The built in one (under applications, DIsable) works fine and uninstalls all the updates so you regain any memory you've lost. I've disabled several including Lookout and and T-Mobile NameID and TV.
Click to expand...
Click to collapse
It should be noted, that NO, THE BUILT IN ONE does not work fine, and while you mentioned the other tmobile apps, you (probably intentionally) didn't mention the terrible, disable-proof, insulting, MEMORY INTENSIVE harassment of code that is the pointless T mobile "my account" app, with its system monitoring, and permanent notifications you have to jump through hoops to disable.
The fact that I have 200 MORE Samsung apps that I'm forced to run than my vanilla android counter parts is almost as insulting as the fact that Facebook, (and messenger), whatsapp, 5 pointless t mobile apps (2 of which are trials for premium paid features) are considered equally important and can't be uninstalled.
Thats purely asinine, and the watered down built in version does nothing about the services or dependent processes (aka battery consumption and everything else)
The T mobile hidden package "com.tmobile.pr.adapt" is so invasive that it quietly asks for root, the SECOND it detects the binary and DOES SO AGAIN AND AGAIN, OVER AND OVER without us ever getting an explanation...now it even shows up in marshmallow with data usage access... the only reason we know it even exists, or wants root, is supersu pops up, as our battery bottoms out...
Now, package disabler pro is gone from the store..oh wait...is it? Or is it just gone for Samsung devices? Or maybe just T Mobile, Samsung devices? Hrrmmm
No. The built in watered down version which doesn't help us with a package like tmobile.pr.adapt or let us disable every single thing we choose to, is simply NOT GOOD ENOUGH.
flyingwolf said:
Look again.
https://play.google.com/store/apps/details?id=com.ospolice.packagedisablerpro&hl=en
Click to expand...
Click to collapse
It's only gone for certain devices...

My Account is not enabled on my S7 unless I start it up myself. The com.tmobile.pr.adapt is enabled but if you disable Diagnostics under App Settings in T-Mobile for me it uses very little data, 14mb in almost a month for me, and T-Mo claims that the usage is not charged to you. You are correct you cannot stop it with the default application manager, but it will not show up in the task bar unless you manually start it.
I'm not going to get into root issues, my phone is on the Jump on Demand so I'm planning to trade up every few months and yeah root is nice but for the most part unless you are a dev (I am not) you shouldn't need it. I'd love to have my copy of Root Explorer and Titanium Backup work (for restores) but can get along without it. If I really needed that stuff I wouldn't have given up my Sony Xperia Z Ultra which was running CM to go to a new unrooted platform.

Hi,
I have been using EZ package disabler since I got my S7 Edge and I am happy with it. Unfortunately, when the software update came, with too much excitement, I forgot to enable all disabled apps prior to updating the firmware. I have updated the firmware with apps disabled. What problem should I be facing? What should I do? Currently I am not experiencing any problems but I suspect that the disabled apps where not optimized. Any help would be much appreciated. Thank you.

You can still find package disabler pro. Won't post the link because forum rules but Google is your best friend. I have it in my SD card.
Sent from my SM-G935T using XDA-Developers mobile app

Is there a way to make an app think it has location permission but not actually?

I recently picked up a dji osmo 3 - a stabilizer gimbal.
I do not know why, but the app demands location access. It will not allow you to use the app if you do not grant it. I even tried granting permission and then while using the app revoking permission - the app then prompts you again for location access without anyway to denying access and still use the app.
I was wondering if there's some way to make the app think it has location access? Maybe just feed it a bogus set of GPS coords?
I'm guessing there is, but I'm also guessing I need to at least be rooted, which i am not. I'm using a Note 10+ 5g with verizon, not rooted/stock rom.
I'd conside rooting the phone though if that's required.
Thanks

merkk said:
I recently picked up a dji osmo 3 - a stabilizer gimbal.
I do not know why, but the app demands location access. It will not allow you to use the app if you do not grant it. I even tried granting permission and then while using the app revoking permission - the app then prompts you again for location access without anyway to denying access and still use the app.
I was wondering if there's some way to make the app think it has location access? Maybe just feed it a bogus set of GPS coords?
I'm guessing there is, but I'm also guessing I need to at least be rooted, which i am not. I'm using a Note 10+ 5g with verizon, not rooted/stock rom.
I'd conside rooting the phone though if that's required.
Thanks
Click to expand...
Click to collapse
I think you'll find that interesting.
For your original question I don't think it's possible, but check the link

merkk said:
I recently picked up a dji osmo 3 - a stabilizer gimbal.
I do not know why, but the app demands location access. It will not allow you to use the app if you do not grant it. I even tried granting permission and then while using the app revoking permission - the app then prompts you again for location access without anyway to denying access and still use the app.
I was wondering if there's some way to make the app think it has location access? Maybe just feed it a bogus set of GPS coords?
I'm guessing there is, but I'm also guessing I need to at least be rooted, which i am not. I'm using a Note 10+ 5g with verizon, not rooted/stock rom.
I'd conside rooting the phone though if that's required.
Thanks
Click to expand...
Click to collapse
Yes, it is commonly used on android, it is called "mock location".
There is more than one way or more than one app/tool that can be used. To find the method/app/tool that works best for you, do a google search for:
"Setup mock location on android"
Try the different methods that you find until one of them works for you.
As for rooting your device, if you got the device from Verizon, you probably won't be able to root the device because Verizon's devices all have locked bootloaders. The only way you would be able to root is if one of the universal rooting apps or rooting programs just happens to have an exploit that works on your device, but even that is a very slim chance because those kinds of apps and programs pretty much lost their effectiveness somewhere between android Marshmallow and Oreo.
Sent from my SM-S767VL using Tapatalk

Raiz said:
I think you'll find that interesting.
For your original question I don't think it's possible, but check the link
Click to expand...
Click to collapse
I'm sorry - check which link?

merkk said:
I'm sorry - check which link?
Click to expand...
Click to collapse
Idk why and how it has been removed, here it is : https://www.wired.co.uk/article/x-privacy-android-app
Usually mods leave a note when a link is forbidden, but I'll advice you to follow the more complete answer from Droidriven.
Search for "mock location for Android" on google

Raiz said:
Idk why and how it has been removed, here it is : https://www.wired.co.uk/article/x-privacy-android-app
Usually mods leave a note when a link is forbidden, but I'll advice you to follow the more complete answer from Droidriven.
Search for "mock location for Android" on google
Click to expand...
Click to collapse
Thanks, i'm doing that. Although so far using mock location seems to be an all or nothing approach - meaning EVERYTHING has a fake location or everything has the real location. I just want the one dji app to have fake data. Looks like the app you linked to is what i want, although it's outdated now. And requires root, which driodriven says I may not be able to do on my phone. I'll have to look into it further.
FYI, i found a link to an updated version of xprivacy - https://forum.xda-developers.com/xposed/modules/xprivacylua6-0-android-privacy-manager-t3730663 - i haven't found out yet if this new version requires the phone to be rooted...considering all it does i'd be surprised if it didn't.

merkk said:
Thanks, i'm doing that. Although so far using mock location seems to be an all or nothing approach - meaning EVERYTHING has a fake location or everything has the real location. I just want the one dji app to have fake data. Looks like the app you linked to is what i want, although it's outdated now. And requires root, which driodriven says I may not be able to do on my phone. I'll have to look into it further.
FYI, i found a link to an updated version of xprivacy - https://forum.xda-developers.com/xposed/modules/xprivacylua6-0-android-privacy-manager-t3730663 - i haven't found out yet if this new version requires the phone to be rooted...considering all it does i'd be surprised if it didn't.
Click to expand...
Click to collapse
I'm not sure there is a way to make it apply to individual apps separately.
Sent from my SM-S767VL using Tapatalk

Tapjoy Seems to Detect Root?

I have 2 phones (same model) one rooted and the other one isn't. I have the same game installed on both phones, but when I open tapjoy on the rooted phone no offers for downloading apps or app actions appear, but on my non-rooted phone they do... So I really believe that tapjoy is somehow detecting root (I did magisk hide and safetynet pass).
All though I'm pretty sure tapjoy isdetecting root I did notice one weird thing on my rooted phone, when I search for "Alarmy" on Google Play it doesn't show up, but on my non-rooted phone it shows up in the play store (again same phone model and same android version! Android 11), this fact makes me uncertain if tapjoy is detecting root or not.
Does anyone know a solution or know what's going on?

Whether a phone's Android got rooted ( tampered in whatever way ) or not can easily be detected by any app.
People shouldn't believe that app developers aren't smart enough to detect it: they simply have to look inside vbmeta files and check for content of 2 bytes on fixed address.

jwoegerbauer said:
Whether a phone's Android got rooted ( tampered in whatever way ) or not can easily be detected by any app.
People shouldn't believe that app developers aren't smart enough to detect it.
Click to expand...
Click to collapse
Yes, but there would still be a workaround.
What explains the Alarmy situation though? Alarmy doesn't show up in the Google Play Store before the app is installed

Zontraz said:
Yes, but there would still be a workaround.
Click to expand...
Click to collapse
If you say so ...

jwoegerbauer said:
If you say so ...
Click to expand...
Click to collapse
It's obvious there would be a workaround, I was just hoping someone here knew it. If you know the exact method that they use to detect root it would be easy to make a workaround depending on the method.

I don't know what method is used in Tapjoy: it would require to decompile the APK and to look into app's source code.
FYI: I will certainly not do that.

App that allows root permissions without root?

Hello,
I was browsing around XDA the other day. I stumbled across the name of an app with a GitHub page. I am trying to remember the name of the app and cannot. It said it would allow root apps to function without actually rooting your phone. Does anyone happen to know what it is called?
I have a Pixel 4xl. I can and have rooted it before. However, even though I hid Magisks and excluded a app for a real casino I got banned. They tried to say it was because I was not able to be geolocated. However, the app confirmed with a message stating my phone was rooted.
I would like to be able to run AdAway without having to allow it to work via VPN. I already have a VPN which I use when I am not playing one of my online casinos. There are also a few more root apps I like. I would like to use them without any worry.
Thank you,
Rocky

what device?

aIecxs said:
what device?
Click to expand...
Click to collapse
Pixel 4xl I ended up finding the app. It was Shizuku. I did not get a change to read all about it when I first heard about it. The page I was viewing almost made it sound like a magisk replacement. Then, my phone died and I couldn't remember what it was called.
I wish there was an app or something that will allow this permissions for apps that need them to work better. However, remain undetectable at the same time. That would be great. There are a few root apps I love to install. However, root is not as popular as it once was to me at least.

that app allows running as adb shell, no root access can be provided.

@bigroc2223
Watch this video
Only caveat: ROMs available are only Android 7.1